From: Namjae Jeon namjae.jeon@samsung.com
mainline inclusion from mainline-5.15-rc1 commit e294f78d34785151cb6d7199ff61d110f9520e65 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e294f78d3478
-------------------------------
"cifsd: Fix regression in smb2_get_info" patch cause that dacl doesn't work. windows send smb2 set info security with PROTECTED_DACL_SECINFO to control dacl. But previous patch doesn't allow it. This patch add PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO addtional information flags in check.
Signed-off-by: Namjae Jeon namjae.jeon@samsung.com Signed-off-by: Steve French stfrench@microsoft.com Signed-off-by: Jason Yan yanaijie@huawei.com Signed-off-by: Zhong Jinghua zhongjinghua@huawei.com --- fs/ksmbd/smb2pdu.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 42fc3bd2d464..7d8bec07630b 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -4888,9 +4888,11 @@ static int smb2_get_info_sec(struct ksmbd_work *work, int addition_info = le32_to_cpu(req->AdditionalInformation); int rc;
- if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO)) { - ksmbd_debug(SMB, "Unsupported addition info: 0x%x)\n", - addition_info); + if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO | + PROTECTED_DACL_SECINFO | + UNPROTECTED_DACL_SECINFO)) { + pr_err("Unsupported addition info: 0x%x)\n", + addition_info);
pntsd->revision = cpu_to_le16(1); pntsd->type = cpu_to_le16(SELF_RELATIVE | DACL_PROTECTED);